Opened 18 months ago
Closed 18 months ago
#2487 closed task (invalid)
List of TLS 1.2 and TLS 1.3 extensions supported by nginx
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | trivial | Milestone: | |
Component: | documentation | Version: | 1.22.x |
Keywords: | TLS extensions | Cc: | |
uname -a: | Linux rocky8 | ||
nginx -V: |
bash-4.4# nginx -V
nginx version: nginx/1.22.1 built by gcc 8.5.0 20210514 (Red Hat 8.5.0-16) (GCC) built with OpenSSL 1.1.1k FIPS 25 Mar 2021 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_auth_request_module --with-http_degradation_module --add-dynamic-module=./3rd_party/njs-master/nginx --with-threads --with-stream --with-stream_ssl_module --with-file-aio --with-pcre-jit --without-pcre2 --with-mail --with-mail_ssl_module --with-http_drain_module --with-http_slice_module --with-http_v2_module --with-http_random_index_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_secure_link_module --with-http_xslt_module --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --without-http_autoindex_module --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/wsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --add-module=./3rd_party/nginx_upstream_check_module --add-module=./3rd_party/nginx-sticky-module --add-module=./3rd_party/nginx-module-sts-master --add-module=./3rd_party/nginx-module-stream-sts-master --add-module=./3rd_party/nginx-module-vts-master --add-module=./3rd_party/ngx_devel_kit-0.3.0 --add-module=./3rd_party/lua-nginx-module-0.10.19 --add-module=./3rd_party/echo-nginx-module-master --add-module=./3rd_party/headers-more-nginx-module-master --add-module=./3rd_party/lua-upstream-nginx-module-master --add-module=./3rd_party/stream-lua-nginx-module-0.0.9 --add-module=./3rd_party/ngx_http_proxy_connect_module-master --add-module=./3rd_party/nginx_cookie_flag_module-master --add-module=./3rd_party/nginx_ajp_module-0.3.2 --add-module=./3rd_party/set-misc-nginx-module-0.32 --add-module=./3rd_party/ngx_http_substitutions_filter_module-master --add-dynamic-module=./3rd_party/ModSecurity-nginx-1.0.3 --with-ld-opt=-Wl,-rpath |
Description (last modified by )
Hi Team, wanted to get the list of TLS 1.2 and TLS 1.3 extensions that is being currently supported by nginx (version >=1.22.x).
Specifically looking for the below extensions.
TLS 1.2
| signed_certificate_timestamp, or sct (0x0012) | [RFC6962] |
| encrypt_then_mac (0x0016) | [RFC7366] |
| status_request (0x0005) | [RFC6066] |
| use_srtp (0x000E) | [RFC5764] |
| padding (0x0015) | [RFC7685] |
| record_size_limit (0x001C) | [RFC8449] |
| trusted_ca_keys (0x0003) | [RFC6066] |
| user_mapping (0x0006) | [RFC4681] |
| srp (0x000C) | [RFC5054] |
| status_request_v2 (0x0011) | [RFC6961] |
| session_ticket (0x0023) | [RFC5077] [RFC8447]|
TLS 1.3
| signed_certificate_timestamp | [RFC6962] |
| status_request (0x0005) | [RFC6066] |
| use_srtp (0x000E) | [RFC5764] |
| padding (0x0015) | [RFC7685] |
| record_size_limit (0x001C) | [RFC8449] |
| pre_shared_key (0x0029) | [RFC8446] |
| psk_key_exchange_modes (0x002D) | [RFC8446] |
| certificate_authorities (0x002F) | [RFC8446] |
| oid_filters (0x0030) | [RFC8446] |
| post_handshake_auth (0x0031) | [RFC8446] |
Change History (2)
comment:1 by , 18 months ago
Description: | modified (diff) |
---|
comment:2 by , 18 months ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
For questions, please use support options available.